by technion 3832 days ago
I had a recent conversation with a McAfee engineer regarding the use of MD5 in the whitelisting system. If it has "seen" an executable before, it assumes it is clean and doesn't scan it, based on a hash.

He absolutely promised me that:

* No stronger hash exists
* MD5 collisions are literally impossible

I pointed him to a paper his own research department released, referring to the Flame malware utilising an MD5 collision, and he informed me he had previously looked at it, and it was a "typo" that he would get fixed.

This is a senior developer responsible for many of the design decisions in the product. It's frightening.